Module ZipSlip
Import path
import semmle.javascript.security.dataflow.ZipSlipCustomizations
Classes
AdmZipEntrySource |
An archive entry path access using the |
CreateWriteStreamSink |
A call to |
FileSystemWriteSink |
A file path of a file write, as a sink for unsafe archive extraction. |
JSZipFileSource |
A relative path from iterating the files in the JSZip object |
JSZipFilesSource |
A object key in the JSZip files object |
Sink |
A data flow sink for unsafe archive extraction. |
Source |
A data flow source for unsafe archive extraction. |
UnzipEntrySource |
An archive entry path access, as a source for unsafe archive extraction. |